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Patent claims 

A method for authenticating a smart card (SIM) in a messaging network, pref- 
erably a GSM network, wherein an algorithm and a secret key are stored in a 
smart card (SIM), whereby for authentication 

the network or a network component first transfers a random number 

(RAND) to the smart card, 

a response signal (SRES) is generated therefrom in the smart card by 
means of the algorithm and the secret key (K t ) and transmitted to the net- 
work or network component, 
characterized in that 

to form an authentication parameter the secret key (A',) and the random 
number (RAND) are each split into at least two parts (K u K 2 ; RAND U 
RAND 2 ), 

one of the parts (RAND X , RAND 2 ) of the transferred random number 
(RAND) is encrypted with the aid of one or more parts (K u K 2 ) of the se- 
cret key (Kj) by means of a one- or multistep, preferably symmetrical al- 
gorithm, and 

a given number of bits is selected from the encryption result and trans- 
ferred as a signal response (SRES) to the network. 

A method according to claim 1, characterized in that the secret key (Kj) and/or 

the random number (RAND) are split into two parts. 

A method according to claim 1 or 2, characterized in that a part of the trans- 
ferred random number (RAND) and one and/or more parts of the secret key (Kj) 
are used to calculate a channel coding key (K c ) by means of a one- or multistep 
algorithm, at least one part of the calculation result being used as the channel 
coding key (K c ). 

A method according to any of claims 1 to 3, characterized in that the key (AT,) 
and the random number (RAND) are split into two equally long parts (K u K 2 I 

RAND\, RAND 2 ). 
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A method according to any of claims 1 to 4, characterized in that DES algo- 
rithms are used to calculate the authentication parameters (SRES, SRES) and/or 
the channel coding key (K c ). 

A method according to any of claims 1 to 4, characterized in that the, prefera- 
bly one-step, IDEA algorithm is used to calculate the authentication parameters 
(SRES, SRES) and/or the channel coding key (K c ). 

A method according to any of claims 1 to 4, characterized in that a compres- 
sion algorithm whose output value has a smaller length than the input parame- 
ter is used to calculate the authentication parameters (SRES, SRES 1 ) and/or the 
channel coding key (K c ). 

A method according to any of claims 1 to 7, characterized in that the calcula- 
tion is effected in an at least two-step algorithm. 

A method according to any of claims 1 to 8, characterized in that a triple DES 
algorithm is used as an encryption algorithm, whereby one first encrypts with 
the first part (K x ) of the key (K,), then decrypts with the second part (K 2 ) of the 
key (A',) and thereupon encrypts again with the first part (K x ) or a third part of 
the key (K,). 

A method according to any of claims 1 to 9, characterized in that a selection of 
the first or second part of the random number (RAND) is effected in the same 
way in the card and the network in random or pseudorandom alternation. 



